NIST eyes removing flawed Dual_EC_DRBG alogrithm from guidelines

Share this article:
Researchers uncover NSA tool, enables faster cracking of flawed RSA algorithm
NIST is looking to remove the flawed Dual_EC_DRBG algorithm from its guidelines.

The National Institute of Standards and Technology (NIST) is seeking to update its guidelines by removing a flawed, community-developed algorithm believed to contain a backdoor.

NIST announced on Monday that it had revised its document, “Recommendation for Random Number Generation Using Deterministic Random Bit Generators,” to exclude the questionable Dual Elliptic Curve Deterministic Random Bit Generator (Dual_EC_DRBG) algorithm.

“NIST is removing the algorithm based on our own evaluation and the lack of public confidence in the algorithm,” Jennifer Huergo, a NIST spokesperson, told in a Tuesday email correspondence.

Huergo linked to a revision summary, posted on Monday, which explains how Dual_EC_DRBG is perceived by the public to contain a backdoor. This backdoor could result in attackers predicting secret cryptographic keys, according to the summary.

The revised document, known as SP 800-90A, has only just been opened for public comments, so there has not yet been much of a community response, Huergo said. Commenters have until May 23 to voice their opinions on the update, according to a Monday NIST release.

NIST is urging all users not to wait for further revisions and to quickly begin shifting to one of the other algorithms still supported in the revised document, which include the Hash_DRBG, HMAC_DRBG, and CTR_DRBG algorithms.

In September 2013, NIST advised against using Dual_EC_DRBG due to a possible backdoor. Shortly after, RSA, which used the algorithm in all its BSAFE Toolkits, recommended shifting to one of the different algorithms built into the BSAFE Toolkit.

In December 2013, reports suggested that RSA entered into a $10 million secret agreement with the National Security Agency (NSA) to continue using the flawed algorithm in its products, but RSA quickly denied the allegations.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.